P.S. Virtual NSE4-5.4 courses are available on Google Drive, GET MORE: https://drive.google.com/open?id=1YR5fY-VinwDTR3q70wpdEN_O3N_EUu6U
New Fortinet NSE4-5.4 Exam Dumps Collection (Question 1 - Question 10)
Question No: 1
Which statements about One-to-One IP pool are true? (Choose two.)
A. It allows configuration of ARP replies.
B. It allows fixed mapping of an internal address range to an external address range.
C. It is used for destination NAT.
D. It does not use port address translation.
Answer: B,D
Question No: 2
An administrator wants to configure a FortiGate as a DNS server. The FortiGate must use its DNS database first, and then relay all irresolvable queries to an external DNS server. Which of the following DNS method must you use?
A. Non-recursive
B. Recursive
C. Forward to primary and secondary DNS
D. Forward to system DNS
Answer: B
Question No: 3
Which of the following settings and protocols can be used to provide secure and restrictive administrative access to FortiGate? (Choose three.)
A. Trusted host
B. HTTPS
C. Trusted authentication
D. SSH
E. FortiTelemetry
Answer: A,B,D
Question No: 4
What inspections are executed by the IPS engine? (Choose three.)
A. Application control
B. Flow-based data leak prevention
C. Proxy-based antispam
D. Flow-based web filtering
E. Proxy-based antivirus
Answer: A,B,D
Question No: 5
When browsing to an internal web server using a web-mode SSL VPN bookmark, which IP address is used as the source of the HTTP request?
A. The FortiGate unitu2021s public IP address
B. The FortiGate unitu2021s internal IP address
C. The remote useru2021s virtual IP address
D. The remote useru2021s public IP address
Answer: B
Question No: 6
An administrator has configured a route-based IPsec VPN between two FortiGates. Which statement about this IPsec VPN configuration is true?
A. A phase 2 configuration is not required.
B. This VPN cannot be used as part of a hub and spoke topology.
C. The IPsec firewall policies must be placed at the top of the list.
D. A virtual IPsec interface is automatically created after the phase 1 configuration is completed.
Answer: D
Question No: 7
An administrator has configured two VLAN interfaces:
A DHCP server is connected to the VLAN10 interface. A DHCP client is connected to the VLAN5 interface. However, the DHCP client cannot get a dynamic IP address from the DHCP server. What is the cause of the problem?
A. Both interfaces must be in different VDOMs
B. Both interfaces must have the same VLAN ID.
C. The role of the VLAN10 interface must be set to server.
D. Both interfaces must belong to the same forward domain.
Answer: D
Question No: 8
When using WPAD DNS method, what is the FQDN format that browsers use to query the DNS server?
A. wpad.<local-domain>
B. srv_tcp.wpad.<local-domain>
C. srv_proxy.<local-domain>/wpad.dat
D. proxy.<local-domain>.wpad
Answer: A
Question No: 9
What does the command diagnose debuf fsso-polling refresh-user do?
A. It refreshes user group information form any servers connected to the FortiGate using a collector agent.
B. It refreshes all users learned through agentless polling.
C. It displays status information and some statistics related with the polls done by FortiGate on each DC.
D. It enables agentless polling mode real-time debug.
Answer: C
Question No: 10
Which of the following statements are true when using Web Proxy Auto-discovery Protocol (WPAD) with the DHCP discovery method? (Choose two.)
A. The browser sends a DHCPINFORM request to the DHCP server.
B. The browser will need to be preconfigured with the DHCP serveru2021s IP address.
C. The DHCP server provides the PAC file for download.
D. If the DHCP method fails, browsers will try the DNS method.
Answer: C,D
P.S. Easily pass NSE4-5.4 Exam with Surepassexam Virtual Dumps & pdf vce, Try Free: https://www.surepassexam.com/NSE4-5.4-exam-dumps.html ( New Questions)